Security Engineer, Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Adree is seeking a Security Engineer to support product development by leveraging application security expertise. The role involves bridging security compliance with rapid delivery, operationalizing automated security controls throughout the SDLC, and collaborating with cross-functional teams.
Key Skills for This Role
Responsibilities
- Engage with clients and stakeholders to gather security requirements and understand their digital transformation and compliance goals
- Deliver impactful presentations, security dashboards, and reporting frameworks showcasing vulnerability triage, remediation tracking, and pipeline safety metrics
- Support engineering and DevOps teams in configuring and tuning Fortify SAST/DAST, establishing clear thresholds, and governing exception workflows
- Provide technical insights and application security expertise throughout the product lifecycle to automate SSL/TLS certificate renewals using HashiCorp Vault and Cert Manager in Kubernetes
- Collaborate with cross functional teams (including DevOps and QA) to build secure pipelines, manage test environment controls, and enforce software supply chain visibility via SBOM integration
- Stay current with industry trends, OWASP frameworks, container security concepts, and threat modeling to position solution security effectively
- Conduct workshops and technical triage sessions internally and with clients to define Quality Gates, vulnerability SLAs, and secure secrets management patterns with SecurEnvoy MFA
- Participate in Agile development processes and release alignments, producing required compliance evidence, scan outputs, approvals, and comprehensive release evidence packs
Requirements
- Bachelor's degree in Computer Science, Cyber Security, Software Engineering, or related technical field
- 4+ years of professional experience in Application Security (AppSec), DevSecOps, or Security Engineering
- Proven experience operationalizing enforceable security gates within CI/CD pipelines, preferably using Azure DevOps Server
- Demonstrated experience with threat modeling, vulnerability management, and operating within government or highly regulated enterprise sectors
- Deep proficiency in Secure SDLC principles, OWASP Top 10, container security concepts, and Kubernetes/OpenShift security basics
- Strong hands on experience implementing image signing/verification (Sigstore/Cosign) and artifacts lifecycle security via JFrog Artifactory
- Analytical skills to correlate security logs and monitoring alerts with enterprise platforms like AppDynamics, BMC, or Azure Monitoring
- Excellent soft skills with ability to influence without authority, deliver pragmatic risk based guidance, and handle security escalations calmly
Full Job Posting
Role Overview
- Adree is seeking a Security Engineer to support product development and engineering initiatives by leveraging deep application security and analytical expertise to articulate the value of secure, compliant digital solutions.
- You will work closely with stakeholders to understand technical requirements and business goals, and clearly demonstrate how enforceable security gates and robust vulnerability lifecycle management can address their needs.
- You will be responsible for bridging the gap between security compliance and rapid delivery execution, collaborating across teams to operationalize automated security controls throughout the SDLC.
Key Responsibilities
- Engage with clients and stakeholders to gather security requirements and understand their digital transformation and compliance goals
- Deliver impactful presentations, security dashboards, and reporting frameworks showcasing vulnerability triage, remediation tracking, and pipeline safety metrics
- Support the engineering and DevOps teams in configuring and tuning Fortify SAST/DAST, establishing clear thresholds, and governing exception workflows
- Provide technical insights and application security expertise throughout the product lifecycle to automate SSL/TLS certificate renewals using HashiCorp Vault and Cert Manager in Kubernetes
- Collaborate with cross functional teams (including DevOps and QA) to build secure pipelines, manage test environment controls, and enforce software supply chain visibility via SBOM integration
- Stay current with industry trends, OWASP frameworks, container security concepts, and threat modeling to position solution security effectively
- Conduct workshops and technical triage sessions internally and with clients to define Quality Gates, vulnerability SLAs, and secure secrets management patterns with SecurEnvoy MFA
- Participate in Agile development processes and release alignments, producing required compliance evidence, scan outputs, approvals, and comprehensive release evidence packs
Education
- Bachelor’s degree in Computer Science, Cyber Security, Software Engineering, or a related technical field.
Experience
- 4+ years of professional experience in Application Security (AppSec), DevSecOps, or Security Engineering.
- Proven experience operationalizing enforceable security gates within CI/CD pipelines, preferably using Azure DevOps Server.
- Demonstrated experience with threat modeling, vulnerability management, and operating within government or highly regulated enterprise sectors is a strong plus.
Skills & Competencies
- Deep proficiency in Secure SDLC principles, OWASP Top 10, container security concepts, and Kubernetes/OpenShift security basics.
- Strong hands on experience implementing image signing/verification (Sigstore/Cosign) and artifacts lifecycle security via JFrog Artifactory.
- Analytical skills to correlate security logs and monitoring alerts with enterprise platforms like AppDynamics, BMC, or Azure Monitoring.
- Excellent soft skills with an ability to influence without authority, deliver pragmatic risk based guidance, and handle security escalations calmly.
- Strong collaboration, structured reporting, and cross functional engineering alignment.
Experience Summary
- Operationalization of automated DevSecOps security gates across CI/CD pipelines
- Vulnerability lifecycle management including triage, SLA tracking, and remediation
- Automated software supply chain security (SBOM generation & container image signing)
- Secrets management integration and automated infrastructure certificate management
- Application security scanning optimization across SAST and DAST frameworks
- Regulatory compliance evidence gathering and release package auditing
Skills Summary
- Azure DevOps Server & JFrog Artifactory secure workflow management
- Fortify SAST/DAST tuning & exception workflow design
- HashiCorp Vault secrets management & Cert Manager infrastructure
- Container & cluster security principles (Kubernetes / Red Hat OpenShift)
- Multi factor authentication access patterns (SecurEnvoy MFA)
- Stakeholder relationship management & security governance
- Prioritization, risk based communication, and teamwork
Additional Information
- Travel for client facing activities
- Job location: HQ
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Adree
Quality Control, Senior Engineer
Riyadh, KSA
Adree is seeking a Quality Control, Senior Engineer responsible for ensuring product/service quality by performing inspections, tests, and audits across the production or servic...
Software Quality Assurance, Expert
Riyadh, KSA
Adree is seeking a Software Quality Assurance, Expert to support product development by leveraging technical and analytical expertise to implement and ensure the application of ...
Quality Control, Senior Engineer
Riyadh, KSA
Adree is seeking a Quality Control Senior Engineer to ensure product/service quality through inspections, tests, and audits. The role involves leading quality documentation, root cause analysis, and supporting continuous
Software Quality Assurance, Specialist
Riyadh, KSA
Adree is seeking a Software Quality Assurance Specialist to implement QA strategies and ensure end-to-end quality across the software development lifecycle. The role requires 4+ years of QA experience in software or digi
Security Engineer, Specialist
Riyadh, KSA
Adree is seeking a Security Engineer, Specialist to support our product development and engineering initiatives by leveraging deep application security and analytical expertise ...
Quality Control, Senior Engineer
الرياض, KSA
Adree is seeking a Senior Quality Control Engineer to ensure product/service quality through inspections, tests, and audits. The role involves leading quality documentation, root cause analysis, and CAPA, while collabora
Software Quality Assurance, Expert
الرياض, KSA
Adree is seeking a Software Quality Assurance Specialist to implement QA strategies and ensure quality standards across software products. The role requires 4+ years of QA experience in software development, familiarity
DevOps Engineer, Senior
Riyadh, KSA
Support product development and platform automation by designing secure infrastructure solutions, implementing CI/CD practices, and collaborating with cross-functional teams.
Quality Control, Senior Engineer
Riyadh, KSA
Software Quality Assurance, Expert
Riyadh, KSA
Quality Control, Senior Engineer
Riyadh, KSA
Software Quality Assurance, Specialist
Riyadh, KSA
Security Engineer, Specialist
Riyadh, KSA
Quality Control, Senior Engineer
الرياض, KSA
Software Quality Assurance, Expert
الرياض, KSA
DevOps Engineer, Senior
Riyadh, KSA

